/**   
* @Title: LoginFilter.java 
* @Package com.csis.security.filter 
* @Description: TODO
* @author dailey  
* @date 2012-10-10
* @version V1.0   
*/
package com.csis.security.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

import com.csis.system.common.IStaticData;
import com.csis.system.common.WebUtil;

/**
 * @author dailey
 *
 */
public class LoginFilter implements Filter {

	private FilterConfig filterConfig;

	/**
	 * @return the filterConfig
	 */
	public FilterConfig getFilterConfig() {
		return filterConfig;
	}

	/**
	 * @param filterConfig the filterConfig to set
	 */
	public void setFilterConfig(FilterConfig filterConfig) {
		this.filterConfig = filterConfig;
	}

	/* (non-Javadoc)
	 * @see javax.servlet.Filter#destroy()
	 */
	@Override
	public void destroy() {
		this.filterConfig = null;
	}

	public static final String LOGONSTRINGS = "logonStrings";//登录页面，即如果用户输入网址是登陆页面则 过滤通过
	public static final String INCLUDESTRINGS = "includeStrings";//要被过滤的网址，在这里是 所有网址里包含 .jsp和.html的页面要均被过滤
	public static final String REDIRECTPATH = "redirectPath";//若没通过过滤，即还没登录 则转向的页面，这里是login.jsp
	public static final String ENABLETESTFILTER = "enabletestfilter";//是否启用此过滤器 ，若 值为 N 则禁止此过滤器。

	/* (non-Javadoc)
	 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
	 */
	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
			ServletException {
		HttpServletRequest httpreq = (HttpServletRequest) request;
		HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper((HttpServletResponse) response);
		String logonStrings = filterConfig.getInitParameter("logonStrings");
		String includeStrings = filterConfig.getInitParameter("includeStrings");
		String redirectPath = httpreq.getContextPath() + filterConfig.getInitParameter("redirectPath");
		String enabletestfilter = filterConfig.getInitParameter("enabletestfilter");

		if (enabletestfilter.toUpperCase().equals("N")) {
			chain.doFilter(request, response);
			return;
		}
		String[] logonList = logonStrings.split(";");
		String[] includeList = includeStrings.split(";");
		Object user = httpreq.getSession().getAttribute(IStaticData.SESSION_USER);
		if (user == null) {
			if (!WebUtil.isContains(httpreq.getRequestURI(), includeList)) {
				chain.doFilter(request, response);
				return;
			}
			if (WebUtil.isContains(httpreq.getRequestURI(), logonList)) {
				chain.doFilter(request, response);
				return;
			}
			wrapper.sendRedirect(redirectPath);

		} else {
			chain.doFilter(request, response);
		}

	}

	/* (non-Javadoc)
	 * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
	 */
	@Override
	public void init(FilterConfig arg0) throws ServletException {
		this.filterConfig = arg0;
	}

}
